RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING

Size: px
Start display at page:

Download "RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING"

Transcription

1 RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING RACKSPACE PRIVATE CLOUD September 2016

2 TABLE OF CONTENTS INTRODUCTION SECURITY HARDENING CHALLENGES Is automated security the magic bullet?... 3 RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING OVERVIEW Powered by OpenStack-Ansible RPC 12.2 SECURITY HARDENING BENEFITS More resources ABOUT RACKSPACE RACKSPACE PRIVATE CLOUD :: WHITE PAPER :: RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING

3 INTRODUCTION For many organizations, security hardening means balancing performance with security tasks. At the same time, organizations have to make sure that the effort put into hardening security doesn t break another piece of the environment. Losing focus on security can lead to regulatory consequences or public relations nightmares. Rackspace Private Cloud 12.2 (RPC 12.2) introduces a number of securityhardening measures designed to address the complexities of securing private clouds with highly customizable, automated security controls to serve both the stringent compliance-driven requirements of enterprises and the performance demands of business-critical applications. SECURITY HARDENING CHALLENGES Applying security configurations to any system requires careful consideration of each change. While some changes reduce risk, they can cause performance or availability problems in a production environment. As an example, the Security Technical Implementation Guide (STIG) requires administrators to disable IPv6 networking and suspend hosts that can t write audit logs due to a full disk. Both changes have security benefits, but can be highly disruptive in certain environments. Reviewing the security merits of each change against the impacts to production requires security professionals and system administrators to combine their experience and expertise. Many compliance programs, such as PCI DSS, require companies to apply industry-accepted hardening standards to servers. This is not a one-time activity. Maintaining hardened systems over time requires careful attention to configuration changes and system alerts. This work often conflicts with the strategic, revenue generating activities of an organization. Is automated security the magic bullet? Automated security controls provide the scalable, repeatable security improvements that organizations need so they can focus on increasing revenue. Still, system administrators have several demands for security changes in production environments: They must reduce risk and thwart common attacks. Implementing the changes should be easy. Maintaining them over time should not be time-consuming. Production environments cannot be disrupted. Changes should be open, transparent and tested. The latest version of Rackspace Private Cloud takes security hardening to the next level with automated security controls that reduce risk without becoming a burden on system administrators. RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING OVERVIEW Rackspace Private Cloud 12.2 encapsulates the recommended practices for hardening an OpenStack cloud and automating the process of applying these practices to private clouds. The new, optional security hardening role in RPC 12.2 provides increased security for the host operating system and many common services running on the host. The controls are based on the widely accepted Security Technical Implementation Guide (STIG) that the United States government uses to secure sensitive systems. All of the controls are automatically applied as part of the RPC deployment. The STIG covers a wide variety of security improvements throughout a Linux system. It includes controls for user authentication, service management and kernel tuning. These controls reduce the chances of a successful attack and also decrease the attacker s ability to move laterally if they are successful. System call auditing and file integrity monitoring provide actionable alerts for system administrators when suspicious activity occurs. Each control has been carefully reviewed to determine if it could cause a problem within an OpenStack cloud. Any controls that could disrupt a virtual machine or an OpenStack service have been adjusted or thoroughly documented as an exception. This ensures that you get all of the security benefits of each control without any impact to your cloud. 3 RACKSPACE PRIVATE CLOUD :: WHITE PAPER :: RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING

4 EXTERNAL NETWORKS PUBLIC NETWORK MANAGEMENT NETWORK Extensively documented: Each configuration is documented and referenced back to the specific STIG guideline addressed. The documentation also explains exceptions and configuration adjustments for auditors, and allows you to make educated decisions on which security configuration changes to apply. REDUNDANT FIREWALLS REDUNDANT LOAD BALANCERS VM NETWORK STORAGE REPLICATION NETWORK DOCUMENTATION: REDUNDANT 10GB NETWORK SWITCHES V-38496: Default operating system accounts, other than root, must be locked. (Configuration requirement from the STIG) BOND1 BOND1 Instances BOND1 Disabling authentication for default system accounts makes it more difficult for attackers to make use of them to compromise a system. CONTROL PLANE Nova APIs LOGGING SERVER Logstash COMPUTE #X STORAGE #X Native Cinder SWIFT STORAGE #X Details: V in STIG Viewer. (Link to the STIG Viewer) NOTES FOR DEPLOYERS: (Auditors want to see these, too) Glance APIs Keystone APIs ElasticSearch Kibana Ceph RBD EMC VNX2 Exception Neutron APIs Cinder APIs Heat APIs Horizon MariaDB/Galera NetApp FAS The Ansible tasks will check for default system accounts (other than root) that are not locked. The tasks won't take any action, however, because any action could cause authorized users to be unable to access the system. However, if any unlocked default system accounts are found, the playbook will fall with an error message until the user accounts are locked. Rabbit MQ Swift Proxy Deployers who intentionally want to skip this step should use: --skip-tags V to avoid a playbook failure on this check. Powered by OpenStack-Ansible OpenStack-Ansible, an open source project in the OpenStack ecosystem, is under the hood of every RPC deployment. One of the roles within the project, OpenStack-Ansible security, applies over 200 security configurations in just a few minutes. The automation within the role was built and reviewed by OpenStack developers from various companies, including Rackspace. RPC 12.2 SECURITY HARDENING BENEFITS Helps meet PCI DSS compliance requirements: The security configuration management tool helps you to meet PCI DSS 3.1 Requirement 2.2 that states: Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards. Auditor friendly: Audit mode can be used for testing or to validate compliance for auditing purposes. The setting lets you both demonstrate compliance and explain any exceptions. Deployers are urged to audit the accounts on their systems and lock any users that don't need to log in via consoles or via ssh. Easy to use: At launch, hundreds of security configuration settings are available to you. See the complete list here. All settings can be easily adjusted to align with your security needs with minimal disruption. Backed by experts: Run your workloads backed by a team of experts who manage the world s largest OpenStack-powered cloud. We were an integral part of setting the community standard for deploying OpenStack with Ansible and know best how to run and operate it. We also offer a comprehensive training curriculum and a suite of enablement services to help you become an expert too. 4 RACKSPACE PRIVATE CLOUD :: WHITE PAPER :: RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING

5 We deliver Fanatical Support for the world's leading clouds it's the specialized expertise and 24x7x365, results-obsessed customer service that s been a part of our DNA since Rackspace proactively monitors and maintains the health of your private cloud, and offers the following service level agreements: minute live response time guarantee to any emergency ticket with Core support % network uptime guarantee and one-hour hardware replacement at no cost when hosted in a Rackspace data center. -- Industry-leading 99.99% OpenStack API Uptime Guarantee. Adopting or upgrading to Rackspace Private Cloud 12.2 can help you meet both internal and external security requirements more quickly, with less cost and reduced effort, while boosting your confidence in the security of your systems. If your environment is exposed to the internet or subject to PCI DSS or other compliance regulations, consider applying this hardened configuration. We recommend that you test this role and any related configuration changes in a non-production environment first. More resources: For a nuts and bolts look at Rackspace Private Cloud 12.2, read our Deep Dive blog here: FREE STRATEGY SESSION To turn on the security hardening feature, to make configuration setting changes to secure your private cloud enviroment, or to discuss your private cloud strategy, contact a Private Cloud Architect at go.rackspace.com/openstackexperts 5 RACKSPACE PRIVATE CLOUD :: WHITE PAPER :: RACKSPACE PRIVATE CLOUD 12.2 SECURITY HARDENING

6 ABOUT RACKSPACE Rackspace (NYSE: RAX), the #1 managed cloud company, helps businesses tap the power of cloud computing without the challenge and expense of managing complex IT infrastructure and application platforms on their own. Rackspace engineers deliver specialized expertise on top of leading technologies developed by OpenStack, Microsoft, VMware and others, through a results-obsessed service known as Fanatical Support. Learn more at or call us at Rackspace US, Inc. This whitepaper is provided AS IS and is a general introduction to the service described. You should not rely solely on this whitepaper to decide whether to purchase the service. Features, benefits and/or pricing presented depend on system configuration and are subject to change without notice. Rackspace disclaims any representation, express or implied warranties, including any implied warranty of merchantability, fitness for a particular purpose, and non-infringement, or other commitment regarding its services except for those expressly stated in a Rackspace services agreement. This document is a general guide and is not legal advice, or an instruction manual. Your implementation of the measures described may not result in your compliance with law or other standard. This document may include examples of solutions that include non-rackspace products or services. Except as expressly stated in its services agreements, Rackspace does not support, and disclaims all legal responsibility for, third party products and services. Unless otherwise agreed in a Rackspace service agreement, you must work directly with third parties to obtain their products and services and related support under separate legal terms between you and the third party. Rackspace cannot guarantee the accuracy of any information presented after the date of publication. Rackspace, Fanatical Support and other Rackspace marks are service marks or registered services of Rackspace US, Inc. and are registered in the United States and other countries. Other Rackspace or third party trademarks, service marks, images, products and brands remain the sole property of their respective holders and do not imply endorsement or sponsorship. September 27, 2016

Rackspace Private Cloud Powered By OpenStack: The Customer Experience

Rackspace Private Cloud Powered By OpenStack: The Customer Experience Rackspace Private Cloud Powered By OpenStack: The Customer Experience Author: Christian Foster Director, Rackspace Private Cloud Rackspace Private Cloud Powered By OpenStack : The Customer Experience Cover

More information

OpenStack Deep Dive Alan Clark

OpenStack Deep Dive Alan Clark OpenStack Deep Dive Alan Clark OpenStack, Chairman of the Board Director, SUSE aclark@suse.com Community Size Q2 2014 ECOSYSTEM SIZE (Members + Sponsors + Supporters) 390 Companies Members: 26 Sponsors:

More information

A C A S E ST U DY FO R: CODE ENIGMA

A C A S E ST U DY FO R: CODE ENIGMA A C A S E ST U DY FO R: CODE ENIGMA Proving one size does not fit all in Drupal hosting BUSINESS Code Enigma, an expert Digital Agency. SOLUTION As a Rackspace Gold-level strategic partner, Code Enigma

More information

A Tale of Two Workloads

A Tale of Two Workloads A Tale of Two Workloads USING OPENSTACK AND VMWARE VSPHERE TO BUILD A HYBRID SOLUTION CONTENTS. Executive Summary. 2 Understanding the Challenges. 2 Development of a Two-Workload Strategy. 3 Understanding

More information

Getting Started with Database As a Service on OpenStack

Getting Started with Database As a Service on OpenStack White Paper Getting Started with Database As a Service on OpenStack Today s Database Management Challenges The last decade of computing technologies have been dominated by the proliferation of virtualization

More information

How an Open Source Cloud Will Help Keep Your Cloud Strategy Options Open

How an Open Source Cloud Will Help Keep Your Cloud Strategy Options Open How an Open Source Cloud Will Help Keep Your Cloud Strategy Options Open Simon Briggs Technology Specialist simon@suse.com Open Source = openmind 3 Protect Investment & Work Together 4 Cloud Definitions

More information

Building on these core skills, customers can work on advanced concepts, such as:

Building on these core skills, customers can work on advanced concepts, such as: OpenStack Training OVERVIEW OnX s OpenStack training courses provide a deep and practical understanding of all aspects of today s most popular cloud platform. Unlike other training providers, OnX offerings

More information

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP

More information

SUSE Cloud 4 Private Cloud based on OpenStack

SUSE Cloud 4 Private Cloud based on OpenStack SUSE Cloud 4 Private Cloud based on OpenStack Michał Jura Senior Software Engineer Linux HA/Cloud Developer mjura@suse.com 2 New solutions emerge: Infrastructure-as-Service Cloud Applications Applications

More information

Reference Architecture: Enterprise Security For The Cloud

Reference Architecture: Enterprise Security For The Cloud Reference Architecture: Enterprise Security For The Cloud A Rackspace Whitepaper Reference Architecture: Enterprise Security for the Cloud Cover Table of Contents 1. Introduction 2 2. Network and application

More information

TUT5605: Deploying an elastic Hadoop cluster Alejandro Bonilla

TUT5605: Deploying an elastic Hadoop cluster Alejandro Bonilla TUT5605: Deploying an elastic Hadoop cluster Alejandro Bonilla Sales Engineer abonilla@suse.com Agenda Overview Manual Deployment Orchestration Generic workload autoscaling Sahara Dedicated for Hadoop

More information

FUJITSU Software ServerView Cloud Monitoring Manager V1 Introduction

FUJITSU Software ServerView Cloud Monitoring Manager V1 Introduction FUJITSU Software ServerView Cloud Monitoring Manager V1 Introduction November 2015 Fujitsu Limited Product Overview 1 Why a Monitoring & Logging OpenStack Service? OpenStack systems are large, complex

More information

Introduction to AWS Security July 2015

Introduction to AWS Security July 2015 Introduction to AWS Security July 2015 Page 1 of 7 Table of Contents Introduction... 3 Security of the AWS Infrastructure... 3 Security Products and Features... 4 Network Security... 4 Inventory and Configuration

More information

Acronis Storage Gateway

Acronis Storage Gateway Acronis Storage Gateway DEPLOYMENT GUIDE Revision: 12/30/2015 Table of contents 1 Introducing Acronis Storage Gateway...3 1.1 Supported storage backends... 3 1.2 Architecture and network diagram... 4 1.3

More information

Symantec Virtual Machine Management 7.1 User Guide

Symantec Virtual Machine Management 7.1 User Guide Symantec Virtual Machine Management 7.1 User Guide Symantec Virtual Machine Management 7.1 User Guide The software described in this book is furnished under a license agreement and may be used only in

More information

IBM Tivoli Netcool Configuration Manager

IBM Tivoli Netcool Configuration Manager IBM Netcool Configuration Manager Improve organizational management and control of multivendor networks Highlights Automate time-consuming device configuration and change management tasks Effectively manage

More information

Logging and Alerting for the Cloud

Logging and Alerting for the Cloud Logging and Alerting for the Cloud What you need to know about monitoring and tracking across your enterprise The need for tracking and monitoring is pervasive throughout many aspects of an organization:

More information

SUSE Cloud 5 Private Cloud based on OpenStack

SUSE Cloud 5 Private Cloud based on OpenStack SUSE Cloud 5 Private Cloud based on OpenStack Michał Jura Senior Software Engineer Linux HA/Cloud Developer mjura@suse.com 2 New solutions emerge: Infrastructure-as-Service Cloud = 3 SUSE Cloud Why OpenStack?

More information

Introduction to OpenStack

Introduction to OpenStack Introduction to OpenStack Carlo Vallati PostDoc Reseracher Dpt. Information Engineering University of Pisa carlo.vallati@iet.unipi.it Cloud Computing - Definition Cloud Computing is a term coined to refer

More information

Effective Azure Migration Moving Applications to the Cloud

Effective Azure Migration Moving Applications to the Cloud Effective Azure Migration Moving Applications to the Cloud Effective Azure Migration Cover Table of Contents Executive Summary 1 Defining Line-of-Business Applications 1 An Example Application 2 The Migration

More information

cloud functionality: advantages and Disadvantages

cloud functionality: advantages and Disadvantages Whitepaper RED HAT JOINS THE OPENSTACK COMMUNITY IN DEVELOPING AN OPEN SOURCE, PRIVATE CLOUD PLATFORM Introduction: CLOUD COMPUTING AND The Private Cloud cloud functionality: advantages and Disadvantages

More information

White Paper. Deploying and Provisioning Databases in the Cloud: How Tesora s Database as a Service (DBaaS) Platform is Transforming Enterprise IT

White Paper. Deploying and Provisioning Databases in the Cloud: How Tesora s Database as a Service (DBaaS) Platform is Transforming Enterprise IT White Paper Deploying and Provisioning Databases in the Cloud: How Tesora s Database as a Service (DBaaS) Platform is Transforming Enterprise IT When IT Departments Can t Deliver, People Go Elsewhere Over

More information

Mirantis OpenStack Express: Security White Paper

Mirantis OpenStack Express: Security White Paper Mirantis OpenStack Express: Security White Paper Version 1.0 2005 2014 All Rights Reserved www.mirantis.com 1 Introduction While the vast majority IT professionals are now familiar with the cost-saving

More information

IBM Tivoli Storage Manager for Virtual Environments

IBM Tivoli Storage Manager for Virtual Environments IBM Storage Manager for Virtual Environments Non-disruptive backup and instant recovery: Simplified and streamlined Highlights Simplify management of the backup and restore process for virtual machines

More information

Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0

Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 A Monitoring Cloud Service for Enterprise OpenStack Systems Cloud

More information

SALMON A C A S E ST U DY FO R: SOLUTION Flexible, scalable hosting solutions and a business relationship that supports Salmon's new business function.

SALMON A C A S E ST U DY FO R: SOLUTION Flexible, scalable hosting solutions and a business relationship that supports Salmon's new business function. A C A S E ST U DY FO R: SALMON BUSINESS Salmon is a global systems integrator, specialising in developing and supporting integrated ecommerce and e-insurance solutions. SOLUTION Flexible, scalable hosting

More information

Access to easy-to-use tools that reduce management time with Arcserve Backup

Access to easy-to-use tools that reduce management time with Arcserve Backup Access to easy-to-use tools that reduce management time with Arcserve Backup In business, evolution is constant. Staff grows. New offices spring up. New applications are being implemented, and typically,

More information

Ubuntu OpenStack Fundamentals Training

Ubuntu OpenStack Fundamentals Training Ubuntu OpenStack Fundamentals Training Learn from the best, how to use the best! You ve made the decision to use the most powerful open cloud platform, and now you need to learn how to make the most of

More information

Sales Slide Midokura Enterprise MidoNet V1. July 2015 Fujitsu Limited

Sales Slide Midokura Enterprise MidoNet V1. July 2015 Fujitsu Limited Sales Slide Midokura Enterprise MidoNet V1 July 2015 Fujitsu Limited What Is Midokura Enterprise MidoNet? Network Virtualization Software Coordinated with OpenStack Provides safe & effective virtual networks

More information

Identity and Access Management for the Cloud

Identity and Access Management for the Cloud Identity and Access Management for the Cloud What you need to know about managing access to your clouds Organizations need to control who has access to which systems and technology within the enterprise.

More information

HO5604 Deploying MongoDB. A Scalable, Distributed Database with SUSE Cloud. Alejandro Bonilla. Sales Engineer abonilla@suse.com

HO5604 Deploying MongoDB. A Scalable, Distributed Database with SUSE Cloud. Alejandro Bonilla. Sales Engineer abonilla@suse.com HO5604 Deploying MongoDB A Scalable, Distributed Database with SUSE Cloud Alejandro Bonilla Sales Engineer abonilla@suse.com Agenda SUSE Cloud Overview What is MongoDB? 2 Getting familiar with the Cloud

More information

Leveraging OpenStack Private Clouds

Leveraging OpenStack Private Clouds Leveraging OpenStack Private Clouds Robert Ronan Sr. Cloud Solutions Architect! Robert.Ronan@rackspace.com! LEVERAGING OPENSTACK - AGENDA OpenStack What is it? Benefits Leveraging OpenStack University

More information

1. Before You Shop: INTRODUCTION:

1. Before You Shop: INTRODUCTION: INTRODUCTION: HOSTED EXCHANGE 2013 BUYER S GUIDE: YOUR STEP-BY-STEP GUIDE TO FINDING A BETTER EXCHANGE The recent end of support for Exchange 2003 and widespread adoption of Exchange 2013 has more organizations

More information

SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack. Gábor Nyers Sales Engineer @SUSE gnyers@suse.com

SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack. Gábor Nyers Sales Engineer @SUSE gnyers@suse.com SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack Gábor Nyers Sales Engineer @SUSE gnyers@suse.com Introductory video ChalkTalk: SUSE OpenStack Cloud 2 Stetting the Stage for SUSE OpenStack

More information

OpenStack Introduction. November 4, 2015

OpenStack Introduction. November 4, 2015 OpenStack Introduction November 4, 2015 Application Platforms Undergoing A Major Shift What is OpenStack Open Source Cloud Software Launched by NASA and Rackspace in 2010 Massively scalable Managed by

More information

Rackspace Private Cloud Security

Rackspace Private Cloud Security Rackspace Private Cloud Security Written by: Joe Burke Rackspace Private Cloud Product Architect Rackspace Private Cloud Security Cover Table of Contents 1. Introduction 2 2. Rackspace Private Cloud Security

More information

OPENSTACK IN THE ENTERPRISE Best practices for deploying enterprise-grade OpenStack implementations

OPENSTACK IN THE ENTERPRISE Best practices for deploying enterprise-grade OpenStack implementations WHITEPAPER OPENSTACK IN THE ENTERPRISE Best practices for deploying enterprise-grade OpenStack implementations Vinny Valdez INTRODUCTION 64% of IT managers have OpenStack on their technology roadmaps.

More information

The Incremental Advantage:

The Incremental Advantage: The Incremental Advantage: MIGRATE TRADITIONAL APPLICATIONS FROM YOUR ON-PREMISES VMWARE ENVIRONMENT TO THE HYBRID CLOUD IN FIVE STEPS CONTENTS Introduction..................... 2 Five Steps to the Hybrid

More information

IBM PowerSC. Security and compliance solution designed to protect virtualised data centres. Highlights. IBM Systems and Technology Data Sheet

IBM PowerSC. Security and compliance solution designed to protect virtualised data centres. Highlights. IBM Systems and Technology Data Sheet IBM PowerSC Security and compliance solution designed to protect virtualised data centres Highlights Simplify security management and compliance measurement Reduce administration costs of meeting compliance

More information

Are You Ready for the Holiday Rush?

Are You Ready for the Holiday Rush? Are You Ready for the Holiday Rush? Five Survival Tips Written by Joseph Palumbo, Cloud Usability Team Leader Are You Ready for the Holiday Rush? Five Survival Tips Cover Table of Contents 1. Vertical

More information

Copyright 2014, Oracle and/or its affiliates. All rights reserved. 2

Copyright 2014, Oracle and/or its affiliates. All rights reserved. 2 2 CON8358 - Building a Private Cloud with OpenStack Oracle OpenStack for Oracle Linux Ronen Kofman Director of Product Development Oracle OpenStack September, 2014 Safe Harbor Statement The following is

More information

EMC Data Protection Advisor 6.0

EMC Data Protection Advisor 6.0 White Paper EMC Data Protection Advisor 6.0 Abstract EMC Data Protection Advisor provides a comprehensive set of features to reduce the complexity of managing data protection environments, improve compliance

More information

Openstack. Cloud computing with Openstack. Saverio Proto saverio.proto@switch.ch

Openstack. Cloud computing with Openstack. Saverio Proto saverio.proto@switch.ch Openstack Cloud computing with Openstack Saverio Proto saverio.proto@switch.ch Lugano, 23/03/2016 Agenda SWITCH role in Openstack and Cloud Computing What is Virtualization? Why is Cloud computing more

More information

THE #1 MANAGED CLOUD COMPANY RACKSPACE WITH EMC STORAGE

THE #1 MANAGED CLOUD COMPANY RACKSPACE WITH EMC STORAGE RACKSPACE THE #1 MANAGED CLOUD COMPANY WITH EMC STORAGE TODAY S ENTERPRISE IT LEADERS ARE FACED WITH TREMENDOUS CHALLENGES: They must provide an IT infrastructure that reliably supports the multitude of

More information

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet IBM PowerSC Security and compliance solution designed to protect virtualized datacenters Highlights Simplify security management and compliance measurement Reduce administration costs of meeting compliance

More information

An Introduction to OpenStack and its use of KVM. Daniel P. Berrangé

An Introduction to OpenStack and its use of KVM. Daniel P. Berrangé <berrange@redhat.com> An Introduction to OpenStack and its use of KVM Daniel P. Berrangé About me Contributor to multiple virt projects Libvirt Developer / Architect 8 years OpenStack contributor 1 year

More information

October 2014. Four Best Practices for Passing Privileged Account Audits

October 2014. Four Best Practices for Passing Privileged Account Audits Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least

More information

F5 PARTNERSHIP SOLUTION GUIDE. F5 and VMware. Virtualization solutions to tighten security, optimize performance and availability, and unify access

F5 PARTNERSHIP SOLUTION GUIDE. F5 and VMware. Virtualization solutions to tighten security, optimize performance and availability, and unify access F5 PARTNERSHIP SOLUTION GUIDE F5 and VMware Virtualization solutions to tighten security, optimize performance and availability, and unify access 1 W H AT 'S INS I DE Data Center Virtualization 3 Enterprise

More information

Solution Overview VMWARE PROTECTION WITH EMC NETWORKER 8.2. White Paper

Solution Overview VMWARE PROTECTION WITH EMC NETWORKER 8.2. White Paper White Paper VMWARE PROTECTION WITH EMC NETWORKER 8.2 Solution Overview Abstract This white paper describes the integration of EMC NetWorker with VMware vcenter. It also includes details on the NetWorker

More information

Network Function Virtualization Using Data Plane Developer s Kit

Network Function Virtualization Using Data Plane Developer s Kit Network Function Virtualization Using Enabling 25GbE to 100GbE Virtual Network Functions with QLogic FastLinQ Intelligent Ethernet Adapters DPDK addresses key scalability issues of NFV workloads QLogic

More information

SUSE Cloud Deployment Guide Questionnaire

SUSE Cloud Deployment Guide Questionnaire SUSE Cloud Deployment Guide Questionnaire This document is a starting point for a SUSE Cloud implementation. Use this document as a guide to help you prepare for deployment and as a worksheet as you discuss

More information

DR-to-the- Cloud Best Practices

DR-to-the- Cloud Best Practices DR-to-the- Cloud Best Practices HOW TO EFFECTIVELY CONFIGURE YOUR OWN SELF-MANAGED RECOVERY PLANS AND THE REPLICATION OF CRITICAL VMWARE VIRTUAL MACHINES FROM ON-PREMISES TO A CLOUD SERVICE PROVIDER CONTENTS

More information

Using VMware VMotion with Oracle Database and EMC CLARiiON Storage Systems

Using VMware VMotion with Oracle Database and EMC CLARiiON Storage Systems Using VMware VMotion with Oracle Database and EMC CLARiiON Storage Systems Applied Technology Abstract By migrating VMware virtual machines from one physical environment to another, VMware VMotion can

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service

More information

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com

More information

VMware Hybrid Cloud. Accelerate Your Time to Value

VMware Hybrid Cloud. Accelerate Your Time to Value VMware Hybrid Cloud Accelerate Your Time to Value Fulfilling the Promise of Hybrid Cloud Computing Through 2020, the most common use of cloud services will be a hybrid model combining on-premises and external

More information

Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems

Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems RH413 Manage Software Updates Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems Allocate an advanced file system layout, and use file

More information

AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013

AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013 AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013 OpenStack What is OpenStack? OpenStack is a cloud operaeng system that controls large pools of compute, storage, and networking resources

More information

Adrian Otto, Rackspace @adrian_otto

Adrian Otto, Rackspace @adrian_otto Adrian Otto, Rackspace @adrian_otto Ancient History RackSpace Cloud Files Swift NASA Nova OpenStack born with 25 participating companies! Mission Statement "To produce the ubiquitous Open Source cloud

More information

Security is a Partnership

Security is a Partnership Security is a Partnership Written by J.R. Arredondo Director, Product Marketing Security is a Partnership Cover Table of Contents 1. Introduction 2 2. The Increasing Complexity of Security 3 and Compliance

More information

Intel Service Assurance Administrator. Product Overview

Intel Service Assurance Administrator. Product Overview Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an

More information

An Intro to OpenStack. Ian Lawson Senior Solution Architect, Red Hat ilawson@redhat.com

An Intro to OpenStack. Ian Lawson Senior Solution Architect, Red Hat ilawson@redhat.com An Intro to OpenStack Ian Lawson Senior Solution Architect, Red Hat ilawson@redhat.com What is OpenStack? What is OpenStack? Fully open source cloud operating system Comprised of several open source sub-projects

More information

OpenStack. Orgad Kimchi. Principal Software Engineer. Oracle ISV Engineering. 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved.

OpenStack. Orgad Kimchi. Principal Software Engineer. Oracle ISV Engineering. 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved. OpenStack Orgad Kimchi Principal Software Engineer Oracle ISV Engineering 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved. Safe Harbor Statement The following is intended to outline

More information

OpenStack IaaS. Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013

OpenStack IaaS. Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013 OpenStack IaaS 1 Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013 Disclaimer The information provided within this presentation is for educational purposes only and was prepared for a community

More information

RackConnect User Guide

RackConnect User Guide RackConnect User Guide Updated: November 8, 2011 RackConnect User Guide Page 2 of 15 DISCLAIMER This RackConnect User Guide (the Guide ) is for informational purposes only and is provided AS IS. The information

More information

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has

More information

Logica Sweden provides secure and compliant cloud services with CA IdentityMinder TM

Logica Sweden provides secure and compliant cloud services with CA IdentityMinder TM CUSTOMER SUCCESS STORY Logica Sweden provides secure and compliant cloud services with CA IdentityMinder TM CUSTOMER PROFILE Industry: IT services Company: Logica Sweden Employees: 5,200 (41,000 globally)

More information

OPEN CLOUD INFRASTRUCTURE BUILT FOR THE ENTERPRISE

OPEN CLOUD INFRASTRUCTURE BUILT FOR THE ENTERPRISE RED HAT ENTERPRISE LINUX OPENSTACK PLATFORM OPEN CLOUD INFRASTRUCTURE BUILT FOR THE ENTERPRISE Arthur Enright Principal Product Manager Virtulization Business Unit I.T. CHALLENGES WORKLOADS ARE EVOLVING

More information

SUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse.

SUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse. SUSE Cloud 2.0 Pete Chadwick Douglas Jarvis Senior Product Manager pchadwick@suse.com Product Marketing Manager djarvis@suse.com SUSE Cloud SUSE Cloud is an open source software solution based on OpenStack

More information

Virtualization Essentials

Virtualization Essentials Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically

More information

Getting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013

Getting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013 Getting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013 Table of Contents Introduction.... 3 1.1 VMware vsphere.... 3 1.2 OpenStack.... 3 1.3 Using OpenStack

More information

Iron Chef: Bare Metal OpenStack

Iron Chef: Bare Metal OpenStack Rebecca Brenton Partner Alliances Manager Rob Hirschfeld Principal Cloud Architect Session Hashtags #chefconf #openstack About the Solution: http://dell.com/openstack http://dell.com/crowbak Iron Chef:

More information

The Hybrid Cloud and Microsoft Azure Bridging Private and Public Environments

The Hybrid Cloud and Microsoft Azure Bridging Private and Public Environments The Hybrid Cloud and Microsoft Azure Bridging Private and Public Environments The Hybrid Cloud and Microsoft Azure Cover Table of Contents Introduction 1 What Is a Hybrid Environment? 2 Buy, Lease or Rent

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Security Best Practices Overview

Security Best Practices Overview Software Version, page 1 Cisco Modeling Labs Client, page 1 Cisco Modeling Labs Server, page 2 Linux-based Operating System, page 2 OpenStack Security Overview, page 3 Software Version The recommendations

More information

Block Storage in the Open Source Cloud called OpenStack

Block Storage in the Open Source Cloud called OpenStack Block Storage in the Open Source Cloud called OpenStack PRESENTATION TITLE GOES HERE June 3, 2015 Webcast Presenters Alex McDonald, Vice Chair SNIA-ESF NetApp Walter Boring, Software Engineer, HP 2 SNIA

More information

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX White Paper SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX Abstract This white paper explains the benefits to the extended enterprise of the on-

More information

Wojciech Furmankiewicz Senior Solution Architect Red Hat CEE wfurmank@redhat.com

Wojciech Furmankiewicz Senior Solution Architect Red Hat CEE wfurmank@redhat.com Wojciech Senior Solution Architect Red Hat CEE wfurmank@redhat.com IT challenges Challenges with traditional infrastructure Our data is too large We're producing vast amounts of data, exponentially! Way

More information

Boost your VDI Confidence with Monitoring and Load Testing

Boost your VDI Confidence with Monitoring and Load Testing White Paper Boost your VDI Confidence with Monitoring and Load Testing How combining monitoring tools and load testing tools offers a complete solution for VDI performance assurance By Adam Carter, Product

More information

PCI Data Security Standards (DSS)

PCI Data Security Standards (DSS) ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants

More information

rackspace.com/cloud/private

rackspace.com/cloud/private TM rackspace.com/cloud/private Rackspace Private Cloud Active v 4.0 (2013-06-25) Copyright 2013 Rackspace All rights reserved. This document is intended to assist Rackspace Private Cloud customers in updating

More information

SAS 70 Type II Audits

SAS 70 Type II Audits Thinking from IntraLinks SAS 70 Type II Audits SAS 70 Type II Audits Ensuring Data Security, Reliability and Integrity If your organization shares sensitive data over the Internet, you need rigorous controls

More information

Project Documentation

Project Documentation Project Documentation Class: ISYS 567 Internship Instructor: Prof. Verma Students: Brandon Lai Pascal Schuele 1/20 Table of Contents 1.) Introduction to Cloud Computing... 3 2.) Public vs. Private Cloud...

More information

Understanding Enterprise Cloud Governance

Understanding Enterprise Cloud Governance Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination

More information

IT Security & Compliance. On Time. On Budget. On Demand.

IT Security & Compliance. On Time. On Budget. On Demand. IT Security & Compliance On Time. On Budget. On Demand. IT Security & Compliance Delivered as a Service For businesses today, managing IT security risk and meeting compliance requirements is paramount

More information

Microsoft Private Cloud Fast Track

Microsoft Private Cloud Fast Track Microsoft Private Cloud Fast Track Microsoft Private Cloud Fast Track is a reference architecture designed to help build private clouds by combining Microsoft software with Nutanix technology to decrease

More information

Keywords Cloud computing, Cloud platforms, Eucalyptus, Amazon, OpenStack.

Keywords Cloud computing, Cloud platforms, Eucalyptus, Amazon, OpenStack. Volume 3, Issue 11, November 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Cloud Platforms

More information

THE OPEN CLOUD COMPANY RACKSPACE WITH EMC STORAGE

THE OPEN CLOUD COMPANY RACKSPACE WITH EMC STORAGE RACKSPACE THE OPEN CLOUD COMPANY WITH EMC STORAGE TODAY S ENTERPRISE IT LEADERS ARE FACED WITH TREMENDOUS CHALLENGES: They must provide an IT infrastructure that reliably supports the multitude of applications

More information

IBM TotalStorage Productivity Center Suite

IBM TotalStorage Productivity Center Suite Simplify, automate, and optimize storage infrastructure Suite IBM TotalStorage Productivity Center can help you manage the capacity utilization of storage systems, file systems and databases and automate

More information

Virtualization Case Study

Virtualization Case Study INDUSTRY Finance COMPANY PROFILE Major Financial Institution. BUSINESS SITUATION Internal security audits found that VMware ESX, Red Hat Linux, and Solaris systems lacked an efficient way to control access

More information

Software Defined Networking (SDN) and OpenStack. Christian Koenning

Software Defined Networking (SDN) and OpenStack. Christian Koenning Software Defined Networking (SDN) and OpenStack Christian Koenning Driving Towards an Application Centric World IT/Ops Struggle to Deliver SDDC/Cloud Mobility Internet of things Advanced threats Lines

More information

RSA Authentication Agents Security Best Practices Guide. Version 3

RSA Authentication Agents Security Best Practices Guide. Version 3 RSA Authentication Agents Security Best Practices Guide Version 3 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA,

More information

Monitoring your cloud based applications running on Ruby and MongoDB

Monitoring your cloud based applications running on Ruby and MongoDB IBM Smart Cloud Application Performance Monitoring Monitoring your cloud based applications running on Ruby and MongoDB Important Notice & Disclaimer THE INFORMATION CONTAINED IN THIS PRESENTATION IS PROVIDED

More information

CA Virtual Assurance for Infrastructure Managers

CA Virtual Assurance for Infrastructure Managers PRODUCT SHEET: CA Virtual Assurance for Infrastructure Managers CA Virtual Assurance for Infrastructure Managers agility made possible CA Virtual Assurance for Infrastructure Managers is an add-on product

More information

CLOUD BLOCK STORAGE CONSISTENT AND RELIABLE STORAGE PERFORMANCE IN THE CLOUD

CLOUD BLOCK STORAGE CONSISTENT AND RELIABLE STORAGE PERFORMANCE IN THE CLOUD CLOUD BLOCK STORAGE CONSISTENT AND RELIABLE STORAGE PERFORMANCE IN THE CLOUD Rackspace Cloud Block Storage provides external block-level storage volumes that supplement the storage built into Rackspace

More information

how can I virtualize my mission-critical servers while maintaining or improving security?

how can I virtualize my mission-critical servers while maintaining or improving security? SOLUTION BRIEF Securing Virtual Environments how can I virtualize my mission-critical servers while maintaining or improving security? agility made possible CA ControlMinder for Virtual Environments provides

More information

Trend Micro. Advanced Security Built for the Cloud

Trend Micro. Advanced Security Built for the Cloud datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers

More information

HP OpenStack & Automation

HP OpenStack & Automation HP OpenStack & Automation Where we are heading Thomas Goh Cloud Computing Cloud Computing Cloud computing is a model for enabling ubiquitous network access to a shared pool of configurable computing resources.

More information